Equipemnt that is required:Pix firewalls 506's at most sites and a pix 525/535 the corporate location.switches that support private vlan edge so guest will not hack one an other..Layer3 switch to segement the lan between the hotel employees and guest...
Here is a link to a doc on Cisco's website that will tell you everything just exclude the part about the 2.5 client.http://www.cisco.com/warp/public/110/pix3000.html
Haven't seen this but in doing research on a client to pix vpn problem I ran into a statement stating if an app doesn't work accross the vpn try lower the MTU.